intrusion detection and blocking DoS?

Home Page Forums Network Management ZeroShell intrusion detection and blocking DoS?

This topic contains 5 replies, has 0 voices, and was last updated by  ofer 10 years, 1 month ago.

Viewing 7 posts - 1 through 7 (of 7 total)
  • Author
    Posts
  • #40757

    ofer
    Member

    Is it possible to setup rules with zeroshell to identify attacks, suspicious activity, etc, and then block it?

    #45802

    markham
    Member

    I built a bridge using snort inline that works fantastic. You would need something like that so you could get new patterns for new attacks. Adding snort to the system would dramatically increase the size of the install but it would be really cool. I would think about working on that but I haven’t wrapped my head completely around how zeroshell saves and uses its settings. Also you would need a developer to put snort inline onto the livecd. Snort inline runs in memory after loading its patters from text files and uses iptables to direct traffic into it so it seems to be something that would be at least feasible.

    #45803

    imported_fulvio
    Participant

    In one of the next releases I’d like to include Snort and make it configurable with the web interface of Zeroshell.

    Regards
    Fulvio

    #45804

    ofer
    Member

    Adding snort would be a wonderful thing. Thank you for all your hard work. Let us know if we can do something for you. Ofer

    #45805

    ofer
    Member

    Any idea when snort will be added?

    #45806

    imported_fulvio
    Participant

    I am not sure, but I think that Snort will be added within 6 months.

    Regards
    Fulvio

    #45807

    Bob_Cat
    Member

    Hi Fluvio,

    Not to nag, but has the addition of Snort progressed at all?

    Many thanks.

    Bob

Viewing 7 posts - 1 through 7 (of 7 total)

You must be logged in to reply to this topic.